Endpoint Data Protection ignored
OPINION PIECE
"Endpoint Security" will be a huge focus from now on and this is borne out by findings from a recent summit I attended with some strategic customers (See Top InfoSec issues for 2006 and various other research.)
Holistic "Endpoint Security" to my mind includes :
To date, everyone has been ignoring the Data Security issue and focussed on the other stuff. However, I believe this is about to change, and articulate my views on why in Endpoint encryption to go mainstream. Gartner has also recently raised the red flag in Mobile email devices a security risk. Right now it would seem that only niche products (PGP, Utimaco, Safepoint and BootSec) are available for endpoint data protection that will work on PC’s, Servers, Laptops and ALSO work on PDA’s, Blackberries, and Smart phones and offer centralised management together with remote data wiping or erasure should devices be lost or stolen. Component control (Flash drives, USB sticks, iPODs etc) needs to be delivered by yet another niche vendor.
So today, no one vendor exists to do all of this. But I believe this will change as from a manageability perspective it has to. Likely candidates for complete solutions are Symantec, McAfee and CA. But that is for another story...
CATEGORIES:1opinion piece, 1trends, 1data protection, 1endpoint security, 1mobility, 1best practices
"Endpoint Security" will be a huge focus from now on and this is borne out by findings from a recent summit I attended with some strategic customers (See Top InfoSec issues for 2006 and various other research.)
Holistic "Endpoint Security" to my mind includes :
- Authentication (device and/or user - passwords, 802.1x etc.)
- Host Security (AV, H-IPS, Personal FW, and AntiSpyware),
- Policy & Integrity Enforcement (Scan & Block appliances from the likes of Cisco Clean Access/Sygate or Integrity Architectures such as NAC/NAP/TNC) and
- Data Protection or Security (encryption, data erasure, component control).
The mobility phenomenon coupled with contractors is where the real endpoint security risk lies (mainly laptops today but PDA's and Smartphones tommorow). The problem is that laptops today are:
- at high risk from infection (so they need Host security)
- at high risk from infecting others (so they need their integrity checked -NAC, Sygate etc.)
- at high risk from being lost/stolen (so they need their Data protected)
To date, everyone has been ignoring the Data Security issue and focussed on the other stuff. However, I believe this is about to change, and articulate my views on why in Endpoint encryption to go mainstream. Gartner has also recently raised the red flag in Mobile email devices a security risk. Right now it would seem that only niche products (PGP, Utimaco, Safepoint and BootSec) are available for endpoint data protection that will work on PC’s, Servers, Laptops and ALSO work on PDA’s, Blackberries, and Smart phones and offer centralised management together with remote data wiping or erasure should devices be lost or stolen. Component control (Flash drives, USB sticks, iPODs etc) needs to be delivered by yet another niche vendor.
So today, no one vendor exists to do all of this. But I believe this will change as from a manageability perspective it has to. Likely candidates for complete solutions are Symantec, McAfee and CA. But that is for another story...
CATEGORIES:1opinion piece, 1trends, 1data protection, 1endpoint security, 1mobility, 1best practices
0 Comments:
Post a Comment
<< Home